Language Selection

English French German Italian Portuguese Spanish

Microsoft, Linux vendors slow to fix flaw

Filed under
Security

Colin Percival detailed the vulnerability -- which affects versions of Intel's CPU that use a technology called hyper-threading -- at a conference on May 13.

The vulnerability could allow hackers to steal sensitive information such as passwords on servers configured to allow multiple users to login simultaneously.

The FreeBSD security team member has received formal responses to the issue from the makers of the BSD family of open-source operating systems, as well as SCO and Ubuntu Linux. However, Linux vendors Red Hat, Novell and Mandriva as well as Microsoft have been slow to act.

"Given that I reported this problem in early March, I really think that they [Microsoft and Linux vendors] should have had a patch over a month ago -- in time to test it extensively before releasing it on May 13th," Percival told ZDNet Australia .

"I made it quite clear to everyone that I would be releasing my paper on that date and that they should make sure they were ready by then," he added.

Although the problem only affects multi-user servers, these machines are widely used. "The most obvious example is shared Web servers, which constitutes the vast majority of small e-commerce sites," he said. "On these systems the flaw is very serious."

Full Story.

More in Tux Machines

Linux-based postmarketOS project aims to give smartphones a 10-year lifecycle

The folks behind postmarketOS want to go even further: they’re developing a Linux-based alternative to Android with the goal of providing up to 10 years of support for old smartphones. That’s the goal anyway. Right now the developers have only taken the first steps. Read more

Canonical Fixes Regression in the Linux 4.4 Kernel Packages of Ubuntu 16.04 LTS

Earlier this month, on August 3, Canonical published multiple security advisories to inform Ubuntu users about the availability of new kernel releases for all supported Ubuntu Linux operating systems. Read more Also: GCC 7 Now Default Compiler in Ubuntu 17.10 (Artful Aardvark), Qt 5.9 Coming Soon

Ubuntu Conference UbuCon Europe to Take Place September 8-10 in Paris, France

The second UbuCon Europe event, a conference dedicated to the European Ubuntu community, is taking place next month, between September 8 and September 10, in Paris, France. Read more

Linux & Radio: What You Can Do With It Now

Third, there is a belief that Linux apps are still too primitive to get anything productive done. Besides (whiny voice), “I tried Linux in 2005, and it was just too ha-r-r-d.” Sorry. A lot of those objections are no longer valid. Linux is solid, stable, free for the most part and has become as easy to navigate as Windows. And those old apps are all grown up now. You may have skipped over previous Linux articles we’ve run, but don’t skip this one. We’re not going to crow about Linux like it’s something brand new, because we both know it has been on your radar screen for 20+ years. This time, we’d rather you read about what you can do with it at your station — and primarily in your production studio — right now. Read more